Gartner security analysts are being bombarded with questions about CYBER security. Is this cyber reality, or cyber hype?
A few years ago, we had seriously entertained the idea of creating a sort of ‘IT Buzz Term Hype Cycle’, that would map overused prefixes across trigger, hype, disillusionment, and productivity. At the time, ‘I-‘ had reached the peak of hyperfication. Its not hard to envision a future in which the prefix ‘cyber’ goes the way of the dodo, trapped forever in a linguistic graveyard with the suffix ‘dot com’.
In Gartner, we actually do have a concept of cybersecurity, incorporating operational technology into a broader concept of digital domain protection. It is also fair to say that many uses of the term cybersecurity connote, if not denote, the concept of offensive digital warfare. I want to go on the record right now and say that we specifically do NOT recommend that commercial and non-profit users of digital technology develop hackback capabilities.
We live in a constant state of verbal inflation. I started my career in computer security, lived through long painful discussions on whether or not information security was a valid term, and have watched, without actually encouraging, adjectival divergence into information assurance, cybersecurity, and cyberassurance.
All of these terms originally arrived with the best of intentions, bringing new concepts and connotations to a complex and changing cyber world. They inevitably turn into positioning playthings, as commercial entities and government agencies use the latest buzzterms to position themselves as being leaders—in something. Its anybody’s guess whether these various terms will evolve into sharply defined meanings not just for small specialty domains, but for the IT world in general.
For the time being, if you want to ask us about cybersecurity, we are going to ask you to provide more details. Are you military? Are you considered critical infrastructure and are you responsible for OT? What is it that you want to protect from whom?
Fresh terminology doesn’t necessarily mean that the old concepts were stale.
Read Complimentary Relevant Research
Five Golden Rules for Creating Effective Security Policy
Policy writing is a risk communication exercise that is frequently performed by people who lack the skills needed to create good security...
View Relevant Webinars
What Matters When Securing IoT?
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.